Explore core concepts and practical steps for migrating serverless functions to container-based services using ECS and integrating with API Gateway canary deployments. This quiz focuses on strategies, challenges, and best practices for transitioning workloads in cloud-native environments, optimizing API traffic management, and maintaining high service availability.
Which core difference should you consider when migrating from a Lambda-based architecture to ECS regarding workload management?
Explanation: The correct answer highlights that ECS places more responsibility on the user to manage the lifecycle of containers, unlike Lambda which abstracts infrastructure management. The second option generalizes costs, which vary depending on usage. The third is incorrect because ECS supports multiple runtimes based on container images, and Lambda also supports several runtimes. The fourth option is misleading as Lambda does not natively support persistent storage across invocations, while containers in ECS can use persistent storage if configured.
What is a primary benefit of using an API Gateway canary deployment when migrating serverless endpoints to ECS?
Explanation: Canary deployments enable gradual shifts of traffic, helping to identify issues with ECS before a full migration. Reducing latency is not a guaranteed result of a canary deployment. Additional setup is usually required, so the third option is incorrect. The fourth option is inaccurate because automated rollback is not always immediate or part of all canary setups.
When defining a task for ECS, what essential detail must you include that is not needed for configuring Lambda?
Explanation: Unlike Lambda, ECS requires the specific container image as the main unit of deployment. The function timeout is important for Lambda but not unique to ECS. Event triggers are more native to Lambda, which is event-driven. Secret rotation schedules pertain to credential management and are not directly required when defining a task.
Which integration type allows API Gateway to connect with both Lambda and ECS-based endpoints?
Explanation: HTTP integration enables API Gateway to forward API requests to any HTTP endpoint, such as those served by ECS or Lambda. WS and SQL are not relevant to standard API Gateway integrations with container or serverless compute. FTP integration is for file transfers, not APIs.
During migration from Lambda to ECS, why is handling stateful data often more complex in ECS?
Explanation: Containers are designed to be ephemeral and can be replaced; thus, storing state locally is risky. Option two is incorrect because encryption is not always default. The third option is not true as containers have defined memory limits. The fourth option is false; neither environment has built-in persistent databases.
After migrating an API endpoint from Lambda to ECS, what network configuration may need updating to permit traffic?
Explanation: ECS tasks often run in a different VPC configuration and require appropriate security group settings to allow network access. Runtime memory and billing alerts are unrelated to communication permissions. Lambda permission policies only affect the serverless function, not ECS.
What is a basic distinction in scaling between Lambda and ECS services?
Explanation: Lambda handles scaling automatically based on demand, while ECS requires you to define how and when tasks are started or stopped through scaling policies. The second choice is incorrect as ECS scaling needs configuration. Lambda can run many instances simultaneously—contradicting option three. ECS does not require manual hardware upgrades for scaling.
Which approach helps measure if API Gateway canary traffic handled by ECS is working as intended during migration?
Explanation: Tracking success and error rates allows you to verify real traffic outcomes during canary migration. Gradually increasing traffic is safer than immediately shifting all users. Manual tests without health checks may miss certain failures, and focusing only on memory usage does not confirm correct request handling.
Which step is often necessary when replacing Lambda with ECS regarding identity and access management (IAM)?
Explanation: ECS tasks require appropriate roles with necessary permissions to replicate previous Lambda access. Disabling roles would break access. Replacing each ECS task with a new Lambda is irrelevant to migration. Hardcoding secrets is insecure and not recommended.
Why must you specify a container command or entry point for ECS-based tasks, while Lambda does not require this?
Explanation: ECS requires explicit instructions for container processes, as it can run any application, while Lambda relies on handler configuration. The second and fourth options misstate the ECS requirement. Lambda supports multiple code types, not just compiled binaries.
When configuring canary deployment for an API endpoint, what does adjusting 'traffic weighting' control?
Explanation: Traffic weighting sets the proportion of requests routed to the new deployment, crucial for safe canary migrations. The other options, involving memory, bandwidth, or storage, do not relate to request distribution during deployment.
Which migration approach is most suitable to ensure zero-downtime when moving endpoints from Lambda to ECS?
Explanation: Gradual canary deployments allow overlapping old and new environments, catching issues before a full switch. Disabling old endpoints or updating all clients at once risks interruption. DNS propagation is unpredictable and doesn't guarantee zero-downtime.
What is an important consideration regarding environment variables when migrating from Lambda to containers on ECS?
Explanation: ECS needs environment variables defined in task definitions or orchestration configurations. Variables from Lambda are not transferred automatically. ECS supports environment variables, so option three is incorrect. Defining them via code comments has no effect.
During migration of logging functionality from Lambda to ECS, what typical adjustment is needed?
Explanation: In containers, logs are produced by the running process and need to be routed to a log aggregation or monitoring tool. Disabling logs prevents troubleshooting. Logging to HTTP headers is not a standard logging approach. Sharing one directory can cause conflicts in multi-container systems.
Which consideration is necessary when configuring timeouts and retries after moving an API handler from Lambda to ECS?
Explanation: Timeout and retry logic differ between the two environments—ECS tasks and load balancers or gateways often need explicit configuration. Default settings do not match exactly. Retries can be set at several layers in ECS. Timeouts can apply to various processes, not just database transactions.
Which feature of API Gateway can assist with rapid rollback during the migration of serverless APIs to ECS?
Explanation: API Gateway can shift traffic back to the original environment by adjusting traffic weights if the new deployment fails. Provisioning, encryption, and mass deletion do not specifically address returning service to a pre-migration state during rollback.